Description
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
Remediation
References
Related Vulnerabilities
TYPO3 Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-11063)
Oracle JRE CVE-2014-0464 Vulnerability (CVE-2014-0464)
WordPress Plugin Travelpayouts:All Travel Brands in One Place Cross-Site Request Forgery (1.0.16)
WordPress Plugin Contact Form DB Cross-Site Scripting (2.8.27)